On Wed, Sep 18, 2002 at 10:21:17AM +0200, Assaf Flatto wrote:
> stop the IPtables daemon running in the background would be a good start.
>
> /etc/init.d/iptables stop
> or
> service iptables stop
>
>
> Assi
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 18, 2002 9:57 AM
> To: [EMAIL PROTECTED]
> Subject: iptables flush doesn't kill RELATED packets
>
>
>
> Hi all,
>
> Lately I discovered that when I flush my iptables, it still allows related
> packets to come through (I had a certain port open, then I removed that rule
> and flushed the entire tables... and Walla the connection was still alive).
>
> So if I didn't miss anything basic in here, what's the way to flush the
> related table as well?
>
> Thanks,
>
> Ohad

Flushing the (empty) tables doesn't alter the chains' policies. Either use the
suggested stop command, although with my inactive rules this might not do what
you want, or set the policy to DROP explicitly:

    iptables -P DROP

Disclaimer: depending on your setup, setting the policies to DROP and flushing
the chains might disconnect you from the machine.

--
    Shaul Karl, [EMAIL PROTECTED]
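
A check for the state the reply describes, added here as an example and not part of the original messages: it reads `iptables -S` style output and reports, per built-in chain, the policy and rule count, flagging chains that a flush left with policy ACCEPT and no rules. It assumes an iptables version that supports `-S`; the function names, verdict labels and the two sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a rule listing for chains left wide open after a flush.
# Input  (stdin): lines in `iptables -S` format ("-P CHAIN POLICY", "-A CHAIN ...").
# Output: one line per built-in chain: <chain> <policy> <rule-count> <verdict>
#   OPEN         policy ACCEPT and no rules: everything passes
#   RULES-ONLY   policy ACCEPT with rules: unmatched traffic still passes
#   DEFAULT-DENY policy is not ACCEPT (e.g. DROP)
audit_policies() {
    awk '
        $1 == "-P" { policy[$2] = $3; order[++n] = $2
                     if (!($2 in rules)) rules[$2] = 0 }
        $1 == "-A" { rules[$2]++ }
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                if (policy[c] == "ACCEPT" && rules[c] == 0) v = "OPEN"
                else if (policy[c] == "ACCEPT")             v = "RULES-ONLY"
                else                                        v = "DEFAULT-DENY"
                printf "%s %s %d %s\n", c, policy[c], rules[c], v
            }
        }'
}

# Constructed sample: the filter table right after `iptables -F` alone.
sample_after_flush() {
cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
EOF
}

# Constructed sample: policies set to DROP on INPUT and FORWARD, one OUTPUT rule.
sample_after_policy_drop() {
cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
EOF
}

echo "after flush only:";       sample_after_flush | audit_policies
echo "after setting policies:"; sample_after_policy_drop | audit_policies
```

On a live host the same function can be fed with `iptables -S | audit_policies`, run as root.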